Forwarded From: Nicholas Charles Brawn <ncb05at_private> [This looks similar to the press releases we saw concering the "Blitzkreig" server (if it isn't the same product). The most worrying line I saw was: "Then he [the administrator] can decide on the ultimate revenge and have the sentries gain entrance to the hacker's computer and plant a virus". Of course, I'm sure it has anti-spoofing routines built in... :) - Nick] [Moderator: One thing these programs fail to think of.. if a hacker is using another system, then the software will illegally hack an innocent system as retaliation. Of course, that is if any of this exists which I highly doubt (and certainly hope doesn't exist).] 24May98 USA: SOFTWARE HITS BACK AT HACKER WITH VIRUSES - INNOVATION - SECURITY. By Sean Hargrave. SOFTWARE that can detect an attack by hackers and retaliate by sending a computer virus will be unveiled next month, writes Sean Hargrave. Larry Wood, co-founder of the Future Vision Group, based in Santa Fe, explains that his software is basically a group of sentries that can be deployed across a company's computer network and, if needed, the Internet. The sentries stand guard at switches that allow traffic in and out of a system. If an abnormal amount of data is detected coming from an unusual source, the sentries "chat" among themselves to decide if the data should be allowed to pass. If they decide to hold it up, a message is sent to a system administrator for advice. The administrator has the option of asking the sentries to track the path of the data and identify its source. Then he can decide on the ultimate revenge and have the sentries gain entrance to the hacker's computer and plant a virus. A prototype version of the Network Lightning Server is being examined by the FBI after the software highlighted an attack from teenage hackers using pornographic messages to entice staff at blue-chip companies, intelligence agencies, university and military establishments to reveal e-mail addresses. Special Agent Doug Beldon, from the FBI's Albuquerque office, New Mexico, has confirmed agency interest, but refuses to comment further. The hackers came to light last summer when thousands of e-mails were scattered across the Net offering access to pictures of underage Japanese girls. To cover their tracks, the Japanese group sent its pornographic invitation through a San Francisco computer specialist, Quick Print. They were able to do this because a sacked employee gave them the passwords. The message invited people offended by the lewd invitation to send back an e-mail asking to be removed from the pornographer's mailing list so they would not be troubled again. According to Wood, the offer to be removed from the list was a trap. "They had no idea whether they had the right e-mail addresses so they needed people to get disgusted with the offer of illicit material," he says. "As soon as they answered and asked to be removed, the hackers had their e-mail address and the address of their host server." A "server" is the computer that, like an electric postman, delivers and receives e-mail. Armed with an e-mail address and the identity of its local server, the hackers immediately established a point of entry. Once hackers had gained the identities they were after, they decided to lie low. But at the start of this month they began to use the identities. The Japanese hackers are using software that logs on to a computer network as the person whose identity has been stolen. It then looks for password files that it can copy, which can then be examined and decrypted by the hackers. The attack is still going on, and the FBI has not ascertained how many passwords have been stolen. However, most of the targets, including the FBI, have been warned and e-mail addresses altered, or more robust screening software put in place to defend systems against the hackers. SUNDAY TIMES 24/05/98 -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:54:26 PDT